Your customers’ remote workers likely connect to networks with questionable security, making them perfect targets for cybercriminals. What’s your move? Bjorn Bakker, MAXfocus Head of Product Marketing, points to cloud-based remote management that features web protection.
Hackers and cybercriminals are like rodents that wreak havoc on homes: They aren’t going to ring the doorbell, and patiently wait for you to answer and invite them inside. Rather, they’re going to find cracks in the foundation, unlatched vents and any other hard-to-detect holes that offer easy access.
All they need is a sliver of space to do damage.
Online attackers work the same way. Successfully penetrating a network is much greater if they forgo the strategy of attacking head-on and instead strike from less visible – and more vulnerable – locations. Remote workers whose machines aren’t constantly behind the company firewall present the perfect targets. These users, at one point or another, likely connect to networks with questionable security – if any at all.
The misstep may be unintentional, but your mission as a managed service provider (MSP) is no less significant: You need cloud-based web protection to properly safeguard your customers’ IT systems. It only takes one machine – compromised when one remote employee downloads a seemingly harmless attachment or visits an unsuspecting website – to carry an infection back behind the corporate firewall.
You can imagine how things unfold from there. Without hosted protection that delivers URL filtering, web security and web monitoring, the picture isn’t pretty.
But it becomes your problem to address, nonetheless. Dealing with a data breach becomes a distinct possibility.
According to the Online Trust Alliance (OTA), which analyzed more than 1,000 breach cases from 2014, “40 percent were the result of external intrusions, while 29 percent were caused by employees – accidentally or maliciously – due to a lack of internal controls.”
Of course, some cybercriminals aren’t interested in the data your clients possess; they want control of your customers’ machines, and possibly the company’s network, for another reason.
Building a robot network, or “botnet,” is also big business. Joseph Demarest, the FBI’s assistant director of the cyber division, discussed botnets and the damage they cause during a United States Senate subcommittee hearing in July 2014. Citing “industry estimates,” he offered the following statistics:
- $9 billion-plus in losses to American victims
- $110 billion-plus in losses worldwide
- 500 million computers per year infected globally (18 victims per second)
“Once the botnet is in place,” Demarest testified, “it can be used in distributed denial of service (DDoS) attacks, proxy and spam services, malware distribution, and other organized criminal activity … A botnet typically operates without obvious visible evidence and can remain operational for years.”
As you consider the effect data breaches and botnets can have on your customers (and therefore your business), there is a third reason to enhance your web security: You need to know how much information is leaving client machines.
Visibility into upload activity – especially concerning out-of-sight remote workers – is equally important. How much data do they send from their company machines? And is there a legitimate business reason behind the action?
If you’re weighing whether to enhance your web security, the scale should tip significantly to one side. There’s too much at stake to operate without it.
Remember: Today’s cyber-rodents need just one machine – one crack – to attack.